
CVE-2023-4389: fs: btrfs: fix possible use-after-free bug in error handling code of btrfs_get_root_ref()

A flaw was found in btrfs_get_root_ref in fs/btrfs/disk-io.c in the btrfs filesystem in the Linux Kernel due to a double decrement of the reference count. This issue may allow a local attacker with user privilege to crash the system or may lead to leaked internal kernel information.
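The double decrement described above can be reproduced in a small userspace model. This is an added example, not kernel code or code from the patch author. The struct and function names are hypothetical, `-ENOMEM` stands in for any error other than `-EEXIST`, and the model assumes the root starts with one reference and that the `fail` label releases it.

```c
#include <errno.h>
#include <stdio.h>

/* Userspace model, not kernel code; all names are hypothetical. */
struct root_model {
    int refs;            /* assumed: 1 after allocation */
    int puts_after_free; /* releases that hit an already freed object */
};

static void model_put(struct root_model *r)
{
    if (r->refs == 0) {  /* in the kernel: access to freed memory */
        r->puts_after_free++;
        return;
    }
    r->refs--;           /* reaching 0 models the object being freed */
}

/* Before the patch: unconditional put, then "goto fail". */
static void error_path_before(struct root_model *r, int ret)
{
    model_put(r);
    if (ret == -EEXIST)
        return;          /* "goto again": retry the lookup */
    model_put(r);        /* assumed: the fail label releases the root */
}

/* After the patch: explicit put only on the -EEXIST retry. */
static void error_path_after(struct root_model *r, int ret)
{
    if (ret == -EEXIST) {
        model_put(r);
        return;          /* "goto again" */
    }
    model_put(r);        /* assumed: the only release, at the fail label */
}

/* Releases that hit an already freed object for one error code. */
int excess_puts(int patched, int ret)
{
    struct root_model r = { .refs = 1 };
    (patched ? error_path_after : error_path_before)(&r, ret);
    return r.puts_after_free;
}

int main(void)
{
    printf("before: %d, after: %d\n",
           excess_puts(0, -ENOMEM), excess_puts(1, -ENOMEM));
    return 0;
}
```

Only the non-`-EEXIST` error path releases the reference twice in the old code, which is why the patch leaves the retry branch's put in place and removes the unconditional one.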


Message ID

[email protected] (mailing list archive)

State

New, archived


Series

fs: btrfs: fix possible use-after-free bug in error handling code of btrfs_get_root_ref()


Patch

diff --git a/fs/btrfs/disk-io.c b/fs/btrfs/disk-io.c index b30309f187cf…126f244cdf88 100644 — a/fs/btrfs/disk-io.c +++ b/fs/btrfs/disk-io.c @@ -1850,9 +1850,10 @@ static struct btrfs_root *btrfs_get_root_ref(struct btrfs_fs_info *fs_info,

ret = btrfs\_insert\_fs\_root(fs\_info, root);
if (ret) {

- btrfs_put_root(root); - if (ret == -EEXIST)

  •   if (ret == -EEXIST) {
    
  •       btrfs\_put\_root(root);
          goto again;
    
  •   }
      goto fail;
    
    } return root;
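
Review bot: the plain `goto fail;` branch below the new `-EEXIST` block now exits without any visible `btrfs_put_root(root)`, so the fix depends on cleanup at the `fail` label that this hunk does not show. Add a one-line comment above `goto fail;` stating that the label drops the root reference. That documents why only the `-EEXIST` branch needs an explicit put before `goto again;` and makes it less likely that a later cleanup re-adds the unconditional put.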
